Role-based access control

Roles determine what a user can and cannot do within Blackboard Learn. Administrators use roles to group privileges into sets that can be assigned to user accounts. Every user associated with a role has all of the privileges included in the role.

When a user account is assigned multiple roles, the user receives all of the privileges included in all of the roles. As an example, consider this scenario. A role is assigned to a user account that does not include access to the course Control Panel. However, the user is also assigned a role that does include access to the Control Panel. The user receives the privilege, even though it was excluded from one of the assigned roles.

About standard roles

When Blackboard Learn is installed, several standard roles are created. Administrators can edit these standard roles.

  • System Roles: System roles control the administrative privileges assigned to a user. This enables administrators to share administrative privileges and functions with other users in Blackboard Learn. To learn more about system roles, see Managing System Roles.
  • Course and Organization Roles: Course and organization roles control access to the content and tools within a course or organization. Each user is assigned a role for each course or organization in which they participate. For example, a user with a role of Teaching Assistant in one course can have a role of Student in another course. Instructors can use these roles to delegate some of the responsibility for maintaining the course. To learn more about course and organization roles, see Managing Course and Organization Roles.
  • Institution Roles: Institution roles control what brands, tabs, and modules users see when they log in to Blackboard Learn. Institution roles also grant or deny access to Content Collection files and folders. To learn more about institution roles, see Managing Institution Roles. All licenses have a limited default set of Institution roles. Organizations with Community licenses may add new Institution roles.

About custom roles

Administrators can create custom roles by copying an existing role and editing its properties and privileges. You can also create a new, blank role and add privileges to it.


Manage privileges

Each role is mapped by default to a base level of privileges. System Administrators may finely customize the power each role may have. There are hundreds of privileges available and System Administrators are able to see all available privileges and the roles for which those privileges are permitted. Each privilege lists the role types and role IDs that have the privilege.

Authoring advanced HTML content

Safe HTML is only applicable to users who do not have the Add/Modify Trusted Content privilege (also called the Add/Edit Trusted Content With Scripts privilege, depending on the version of Blackboard Learn you are running). Users with this privilege can enter unrestricted/trusted HTML, meaning they are not bound to the Safe HTML rules. By default, Blackboard Learn gives this privilege to Administrators, Course Builders, Graders, Instructors, and Teaching Assistants. All other roles do not have this privilege by default, but it can be added on an as-needed basis.

Control access to course files

Instructors determine who can view and perform actions on their files and folders available in Course Files by changing the permissions for users.

By default, the roles of course builder, instructor, and teaching assistant (TA) receive Read, Write, Remove, and Manage permissions for files and folders uploaded directly to Course Files. Students do not receive any permissions for a file or folder until it is linked to content in a course. After you link the file or folder to content, all course users may read the content. Students can view and download the linked file or folder.

You can change the permissions for any file or folder in Course Files. For example, to allow all teaching assistants to view and download but prevent them from editing or deleting a particular file, change the permission for the teaching assistant user list to read permission.

These permissions may be configured via the user interface or through various command-line tools.


Fine-grained guest and anonymous access

You can control whether or not the guest and observer roles have access to your course. There are multiple levels in the application that have guest access. For example, there is guest access to the system, to courses, and to organizations. For guests and observers, availability of course tools can be configured at a fine-grained level.

Guests in a course can include guest lecturers, potential students, or other users who are not directly participating in your course.

Observers are typically assigned to follow specific users in Blackboard Learn without interacting with the system. Observers are able to view the course and track student progress. Also, you can communicate Early Warning System notifications to observers as well as students, or just to the observers of a student.